Skip to content

Instantly share code, notes, and snippets.

View id3s3c's full-sized avatar

id3s3c id3s3c

2 followers · 1 following
View GitHub Profile
@id3s3c
id3s3c / nucleir.sh
Created January 6, 2021 20:56 — forked from dwisiswant0/nucleir.sh
Automate nuclei
nucleir() {
local TPL="$HOME/Documents/nuclei-templates"
[[ -z "${1}" ]] && { echo "-target/-l ?"; return; }
[[ -z "${2}" ]] && { echo "Input target?"; return; }
local T=""
for i in `ls -1d ${TPL}/*/`; do
if [[ ! "${i}" =~ (brute-force|examples|payloads) ]]; then
@id3s3c
id3s3c / CSM_pocs.md
Created November 17, 2020 22:40 — forked from Frycos/CSM_pocs.md

TLDR

Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently-from small networks to large networks consisting of hundreds of devices.

Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, security advisories were not published. All payload are processed in the context of NT AUTHORITY\SYSTEM.

@id3s3c
id3s3c / kerberos_attacks_cheatsheet.md
Created October 19, 2020 17:33 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module: